SDN-BASED MOBILE COMMUNICATION SYSTEM AND METHOD FOR OPERATING SUCH SYSTEM

Description

[0001] The present invention generally relates to a method for operating an SDN-based mobile communication system, wherein said system comprises a mobile network including a control plane and a data plane with a network controller being implemented therebetween. Furthermore, the present invention relates to an SDN-based mobile communication system.

List of Abbreviations

APN	Access Point Name
DPN	Data Plane Node
eNB	Evolved NodeB
EPC	Evolved Packet Core
EPS	Evolved Packet System
GTP	GPRS Tunneling Protocol
HSS	Home Subscriber Server
IP	Internet Protocol
ECGI	E-UTRAN Cell Global Identifier
LTE	Long Term Evolution
MME	Mobility Management Entity
NBI	North-bound Interface
PCRF	Policy Control Rule Function
PEP	Policy Enforcement Point
PDN	Packet Data Network
PGW	PDN Gateway
QoS	Quality of Service
SBI	South-bound Interface
SDN	Software Defined Networking
SGW	Serving Gateway
TEID	Tunnel Endpoint Identifier
TFT	Traffic Flow Template
UE	User Equipment

[0002] With the foreseen explosion of user traffic and diversification of communication paradigms - e.g., MTC (Machine Type Communication), V2X (Vehicle-to-X), etc. - current centralized architectures for mobile networks (e.g., the EPC) are prone to pose scalability problems, suboptimal routing, increased overhead and complexity. Many operators and vendors are already looking at improving the traffic distribution in the network, allowing multiple anchor points for user data traffic, bringing internet services closer to the users, at the edge of the network, as well as tailoring the mobility support to the user needs, reducing the associated overhead.

[0003] The Technical Report TR 23.799 by 3GPP (for reference, see 3GPP TR 23.799, Study on Architecture for Next generation System, v0.4.0, 2016-04) is one of the most relevant documents to pave the road for a system architecture evolution towards 5G. It collects a number of requirements and key issues that the next generation system shall meet and resolve, along with potential solutions under evaluation. US Patent Publication US9038151 B1, published on May 19, 2015, solves the problem of access control in SDN-based networks. The Publication of Chukwudi A.Ezefibe et al.: "Towards Virtualisation and Secured Software Defined Networking for Wireless and Cellular Networks", 2016 IEEE Canadian Conference on Electrical and Computer Engineering (CCEC), May 15, 2016, pages 1-5, reviews on how SDN supports network function virtualization and studies the application of SDN to wireless and cellular data networks.

[0004] Different strategies are adopted to enable the transition to the next generation mobile communications architecture and meet associated requirements, such as flexible deployment, scaling, and softwarization of network functions, from which some are listed in the following:

1) Separating the control plane functions from the data plane functions into logically and physically separated entities, with a communication reference point between the two. (With respect to the term 'data plane' it is noted that in the relevant literature for this topic, as well as in the documents produced by different SDOs, the terms 'user plane' and 'data plane' have the same meaning and are indeed used interchangeably. In the context of the present invention this practice will be adopted as well, unless otherwise stated);

2) Virtualizing Control-Plane functions and abstracting the Data-Plane network topology;

3) Utilizing Network Controllers (e.g., SDN controllers) to abstract the network towards the Control-Plane and enabling a clear separation between the Control-Plane functions(s) (application logic) and the network controller (network view);

4) Simplifying the management of the network for future wide variety of device types, mobility- and communication patterns;

5) Enabling isolated network slices. Data-Plane slices are also represented to the Control-Plane as abstracted view, e.g. as topology graph, which need to be mapped to the common and shared physical Data-Plane resources;

6) Enabling better traffic fan-out by shortening the data path between a mobile device and its one or multiple correspondent services;

7) Breaking the current 3GPP APN and PDN connection concepts by serving a mobile device's IP address from distributed - e.g. central, edge, local POP (Point-of-Presence) - correspondent services without mandating traffic to traverse a single mobility anchor (e.g., PDN gateway);

8) Reducing packet overhead and avoid tunnels to forward packets between overlay mobility anchors.

[0005] Albeit the 3GPP has already started looking at the problem, introducing a "Study on control and user plane separation of EPC nodes", sometimes referred as CUPS - Control User Planes Separation (for reference, see 3GPP TR 23.714, Study on control and user plane separation of EPC nodes, v0.4.0, 2016-04), they have not yet explored the usage of network controllers and the SDN paradigm to offload some aspects of the user plane configuration from the control plane functions to a network controller.

[0006] In view of the above it is an objective of the present invention to improve and further develop an SDN-based mobile communication system as well as a method for operating an SDN-based mobile communication system in such a way that efficient transport of mobile data traffic is enabled while taking advantage of the SDN paradigm of offloading data plane configuration issues as far as possible from the control plane functions to a network controller.

[0007] In accordance with the invention, the aforementioned objective is accomplished by a method for operating an SDN-based mobile communication system according to independent claim 1.

[0008] Furthermore, the above objective is accomplished by an SDN-based mobile communication system according to independent claim 15.

[0009] According to the invention it has been recognized that the above mentioned objective can be accomplished by a collaborative approach between a separated control plane function (e.g. an application for mobility support) and a network controller, enabling a distributed creation of data plane rules and selection and/or re-selection of policy enforcement points in the data plane. According to embodiments the network controller is equipped with selection means that are configured to use information received from a (virtualized) control plane function for selection of and rules enforcement at one or multiple suitable data plane nodes in a physical topology, where the control plane function has no detailed view about the data plane, by collaboration between the control plane function and the network controller. A 'suitable' data plane node should be able to provide the required resources and functions, e.g., tunneling, metering, packet buffering, etc. as requested by the control plane.

[0010] Generally, according to embodiments appropriate selection of policy enforcement points in the data plane is achieved by mapping between a dual-layer topology based on control plane function topology awareness and network control (physical) topology awareness, enabled through appropriate information exchange over a communication interface (i.e., network controller NBI) between the control plane function and the network controller. The present invention can be regarded as an enabler for SDN-based data plane in a legacy mobility control plane (e.g. virtualized EPC) and next generation mobile core (5G).

[0011] Embodiments of the present invention have the advantage of removing the PGW bottleneck, enabling distribution of data traffic across multiple gateways and of using GTP-less communication in the data plane. Furthermore, embodiments of the invention enable an SDN-based data plane in a cloud-native, virtualized and SDN-enabled network for mobile communication as well as mobility management in a sliced and Control-/Data-plane separated environment. Still further, embodiments come along with a flexible implementation choice by keeping some Data-Plane control on the Mobility Control-Plane, while offloading some functions to the SDN Controller. Compared to existing alternative options, which generally include higher costs and imply less clean concepts (e.g. exposure of DPNs and physical topology to the Mobility Control-Plane to select a concrete DPN), the present invention does not mandate particular knowledge of specific attributes about DPNs (e.g., DPN load and supported function) at the Mobility Control-Plane.

[0012] According to an embodiment the collaborative operations between the control plane function and the network controller may include the transmission of information related to a device, e.g. mobile terminal that wishes to establish a session with the mobile network, from the control plane function to the network controller. The control plane function may receive this information via signaling when the device transmits its request for session establishment. After the control plane function has passed or exposed the device related information to the network controller, the network controller may select, based on this information, suitable data plane nodes for policy enforcement.

[0013] According to an embodiment, based on the device related information (which, like in the above embodiment, may include, but not limited to, device location, required functions supported by the data plane node, e.g. encapsulation, buffering, etc.), the controller plane function may select an abstract data plane node or a group of abstract data plane nodes (wherein the selection is performed in a topology abstraction at the control plane, i.e. the "abstract data plane nodes" are treated in the abstract topology at the control plane) and may then expose the selected abstract data plane node or group of abstract data plane nodes, e.g. by means of an abstract node identifier or an abstract group identifier, to the network controller. Based on the information about the abstract data plane node or group of abstract data plane nodes the network controller may select suitable data plane nodes for policy enforcement.

[0014] With respect to an efficient selection and/or re-selection of an optimal data plane functional entity based on a device's request for session establishment by signaling and collaboration between the control plane function and the network controller, it may be provided that also correspondent service information (e.g. service location, network hosting the service, PDN, data-center hosting the service, required functions supported by the Data-Plane node, e.g. encapsulation, buffering, etc.) is being exposed from the control plane function to the network controller. The network controller may then perform selection of suitable data plane nodes for policy enforcement also on the basis of this correspondent service information.

[0015] According to an embodiment the device related information passed from the control plane function to the network controller may include a location attribute that represents information about the device's location and/or proximity (e.g. access point identifier, geo location, etc.). The control plane function (e.g., mobility support application), which may receive this location attribute via signaling, may then provide information about the device's location to the network controller, e.g. SDN controller, via a network controller northbound interface, which may be realized in different ways:
According to one implementation, the control plane function may provide the location attribute as it is to the network controller. The network controller holds the logic to map the location attribute to a suitable data plane node to enforce the mobility control plane's rules.

[0016] According to another implementation, the control plane function may use the location attribute to map the location to a virtual data plane node (e.g. a topological graph node ID, or a virtual node ID) on its abstract view (topology graph) of the data-plane, and may pass the virtual data plane node ID to the network controller. Then, the network controller maps the virtual data plane node ID to a suitable data plane node for policy enforcement.

[0017] According to still another implementation, the control plane function may use the location attribute to identify a group of virtual data plane nodes in the abstract data plane topology, and may pass a group identifier, which identifies the selected group of virtual data plane nodes (could identify a data center, network center, a local point-of-presence (PoP), or the like), to the network controller. Then, the network controller maps the group identifier to a suitable data plane node for policy enforcement.

[0018] According to an embodiment, based on attributes related to the device's context (including for instance, but not limited to, mobility pattern, preferred communication profile, information about the correspondent service type, required support from data plane functions, etc.) and/or related to the network of the service being used by the device, the control plane function can append additional information when passing the location attribute to the network control, which helps the network controller in the mapping and selection of a suitable data plane node.

[0019] In particular, such additional information may comprise information about the network in the topology from which the device's IP address should be determined/allocated. In this context it is important to note that the UE's IP address is matching the identified network and is topologically correct in that network, i.e. matching the identified network's address prefix. As a consequence, the transport network will route IP packets, which are destined to the UE's IP address, to the identified network. For instance, the control plane function may identify the network of a local PoP close to the network edge and close to the location identified by the location attribute. Specifically, the additional information can be a network identifier, a network IP address prefix, a data-center identifier or network-center identifier, or an IP address of a node in the network, from which the device's IP address is to be determined. This information can be used by the network controller to select a PEP in the network, where the device's IP address is topologically correct. This ensures that traffic, which is forwarded by default routes, can be processed by the selected PEP in that network.

[0020] Furthermore, such additional information may comprise information about the network of the device's correspondent service, e.g. the network identifier or prefix, in which the service being used by the device is located, or the network which provides the Internet Exchange Point (IXP) to offer internet services to attached devices. Such service location information can be the server's address or identifier, the network hosting the service, PDN hosting the service or the data-center hosting the service, and can include required functions supported by the data plane node, e.g. encapsulation, buffering, etc. This information can be used by the network controller to select a PEP in the network, which is close or local to the correspondent service and ensures, that traffic between the device and a correspondent service can be processed close to the service, e.g. for policy enforcement or metering.

[0021] Still further, such additional information may comprise information about the correspondent service type (e.g., Internet access for web-browsing, voice service, M2M communication, etc.). This information is used to determine whether the data plane node should provide service-specific support (e.g., buffering, data compression, etc.).

[0022] Still further, such additional information may comprise information about the mobility pattern of the mobile device (e.g., static, low speed, high speed, etc.). This information can be used by the network controller to determine the data plane node that potentially leads to the least number of data plane node relocations.

[0023] Still further, such additional information may comprise information about the data plane slice (e.g. a slice name or identifier), to which a rule applies. The network controller may use this slice information to determine the associated resource on the data plane to which the rules apply.

[0024] According to an embodiment the control plan function may be implemented in form of an integrated gateway control function, GW-C, that comprises control plane components of a combined Serving Gateway and PDN Gateway, P/S-GW. Insofar, this embodiment provides a mechanism to select one or multiple PEPs for mobile users' data traffic when one single logical mobile gateway (e.g., combined SGW+PGW) is deployed in the control plane of the mobile network.

[0025] According to an embodiment the policy enforcement points may be implemented in a form that they replace Serving Gateway, S-GW, and PDN Gateway, P-GW, components sitting in the data plane.

[0026] According to an embodiment one of the data plane nodes selected to act as policy enforcement points may function as edge policy enforcement point terminating the interface towards the radio or fixed line access node, e.g. in case of an application to EPS, the S1-U interface towards the E-UTRAN elements (i.e. eNodeB). Alternatively, the data plane nodes selected to act as policy enforcement points may function as edge policy enforcement point that is located on the radio or fixed line access node, i.e. the edge policy enforcement point can be the access node itself.

[0027] According to an embodiment the GW-C may determine the edge policy enforcement point (Edge PEP) based on device's location information received via signaling with a mobility management entity, MME, wherein the GW-C resolves the device's location information into an edge policy enforcement point eligible for the device's location according to the topology information maintained on said GW-C.

[0028] According to an embodiment one or more of the data plane nodes selected to act as policy enforcement points may function as root policy enforcement points constituting the forwarding elements under management of the network controller that are closest to respective services requested by the device.

[0029] According to an embodiment the root policy enforcement point (Root PEP) selection/re-selection and configuration may be triggered reactively upon interception of traffic to/from the respective device at the network controller. According to an alternative embodiment a 'default' Root PEP is selected by pre-provisioning a data plane node with appropriate rules to serve as Root PEP and by configuring the corresponding Edge PEP with rules to deliver/forward traffic from the respective device to that default Root PEP and/or to deliver/forward traffic to the respective device from that default Root PEP (i.e. uplink and downlink configurations).

[0030] There are several ways how to design and further develop the teaching of the present invention in an advantageous way. To this end it is to be referred to the dependent patent claims on the one hand and to the following explanation of preferred embodiments of the invention by way of example, illustrated by the drawing on the other hand. In connection with the explanation of the preferred embodiments of the invention by the aid of the drawing, generally preferred embodiments and further developments of the teaching will be explained. In the drawing

Fig. 1

is a schematic view illustrating separation of Control-Plane functions, Network Control and Data-Plane resources in an SDN-based mobile communication architecture in accordance with embodiments of the present invention,

Fig. 2

is an abstract view of a Data-Plane from the viewpoint of a mobility Control-Plane of an SDN-based mobile communication architecture in accordance with embodiments of the present invention,

Fig. 3

is a diagram illustrating handling of Control-Plane and User-Plane interfacing with combined SGW/PGW in accordance with embodiments of the present invention,

Fig. 4

is a schematic view illustrating an SDN-based CUPS, Control User Planes Separation, architecture in accordance with embodiments of the present invention,

Fig. 5

is a diagram illustrating an Edge PEP selection mechanism in accordance with embodiments of the present invention, and

Fig. 6

is a diagram illustrating a Root PEP configuration mechanism in accordance with embodiments of the present invention.

[0031] Fig. 1 illustrates an SDN-based architecture 1 that attempts to realize some of the aspects mentioned in the introduction and that solves some of the key issues presented in document 3GPP TR 23.799: "Study on Architecture for Next generation System, v0.4.0, 2016-04". It is noted that in this document the key issues 1) to 6) of the overview presented in the introduction have been identified as potentially tackled by the proposed architecture. Specifically, Fig. 1 depicts an exemplary view of a Control-Plane function 2, which connects and utilizes a network controller 3 to enforce rules in the Data-Plane Nodes (DPNs) 4 to transport mobile data traffic of a UE 5. In connection with embodiments of the present invention, which will be described hereinafter in detail, the concept of network controller 3 is in fact realized through the concepts from the SDN paradigm, and thus, through an SDN controller 6. However, as will be easily appreciated by those skilled in the art, different implementations with physically and logically separated Control-Plane and Data-Plane that do not rely on the SDN concept, but on similar approaches, are also possible.

[0032] One of the most relevant issues in a deployment where the Control-Plane is separated from the Data-Plane with an SDN Controller 6 in between is the distribution of relevant information to select suitable Data-Plane nodes 4 and to set up required Data-Plane paths by the enforcement of rules on one or multiple selected Data-Plane nodes 4. While the Control-Plane function 2 holds information about session states, e.g. device status, location information and communication endpoints, the SDN Controller 6 holds network-related information, e.g. physical topology, Data-Plane nodes' 4 supported functions and load. Challenge in such decomposed and distributed architecture is the interplay between the Control-Plane and the SDN Controller 6 to enable the aimed operation per the above list and make the Data-Plane reflect the mobility session states and agreed service levels appropriately.

[0033] Embodiments of the present invention leverage the SDN paradigm as an abstraction layer to enable the control plane to operate a distributed and IP-native data plane. In this context, selecting one or multiple DPNs 4 as the Policy Enforcement Points (PEPs) for user traffic plays a crucial role in building the data path. Optionally, the SDN Controller 6 may also connect to transport nodes in between PEPs, e.g. to enable transport SDN in between distributed data centers, as shown by the dotted line in Fig. 1.

[0034] Generally, in an architecture with CUPS, Control User Planes Separation, the Control-Plane function 2 may receive information from the access network (in particular, from the radio access node 7) about the proximity of a mobile device 5 (location information, access point identifiers, etc.), as well as about the mobile device's 5 context (mobility pattern, preferred communication profile, information about the correspondent service type, required support from data plane functions, etc.). Although not shown in Fig. 1, it is to be understood that the access node could also be an access node for fixed access (e.g., xDSL). While the Control-Plane function 2 is aware of the rules that need to be enforced in the Data-Plane to enable connectivity for a device, i.e. UE 5 in Fig. 1, and may know about an abstract view of the Data-Plane, e.g. as abstract topology graph, it does not have fully detailed topology and routing information, which belongs to the SDN controller 6 instead.

[0035] Since the Control-Plane function 2 has neither detailed view nor direct access to Data-Plane nodes 4 for programming and for the enforcement of Data-Plane rules to serve a mobile device's traffic, the selection of suitable Data-Plane nodes 4 cannot easily be performed on the Control-Plane. This becomes apparent from Fig. 2, which schematically illustrates an exemplary Data-Plane topology 20 (see lower part of Fig. 2) together with a corresponding topology abstraction 21 at the Control-Plane (see upper part of Fig. 2).

[0036] On the other hand, the SDN controller 6 does not possess the rules and policies information required to set up an appropriate session for the mobile device 5.

[0037] In case of a sliced network, which isolates Data-Plane resources associated with different network slices, Control-Plane functions 2 know from session information to which Data-Plane slice a particular rule applies, but is not aware to which physical Data-Plane nodes 4 the rules apply. Even though the SDN Controller 6 has the detailed view about the physical Data-Plane and may know which Data-Plane slice is realized by which Data-Plane resources, it does not have information about the association between a subscriber/data session and a Data-Plane network slice.

[0038] Therefore, in accordance with embodiments of the present invention the selection of suitable Data-Plane node(s) 4 is performed in a collaborative way between the Control-Plane function 2 and the SDN controller 6, provided appropriate information is exchanged between them. Generally, embodiments of the present invention enable selection and configuration of rules in suitable DPN(s) 4 in a Control-/Data-Plane separated architecture and treat these DPNs 4 as policy enforcement points 8 to provide connectivity for a mobile device 5. To this end, embodiments of the invention provide an appropriate interfacing mechanism between the Control-Plane function 2 and the SDN controller 8 to enable consistent selection of a suitable Data-Plane node 4, as will be described in more detail below.

[0039] When considering applications to current architecture for mobile networks, e.g., the EPS for an LTE network as per 3GPP TS 23.401, embodiments of the invention enable the simultaneous usage of multiple PGW's user plane elements under the control of a single PGW control instance.

[0040] Specifically, according to an embodiment of the invention the architecture re-uses part of the functional split for combined S/P-GW proposed in document 3GPP TR 23.714, Study on control and user plane separation of EPC nodes, v0.4.0, 2016-04, which consists in first merging the SGW and PGW together, and then splitting the combined entity into control and user plane components. The split proposed in the above cited 3GPP TR 23.714, from which section 6.1, in particular subsection 6.1.2, is incorporated herein by way of reference, is illustrated in Fig. 3, together with an embodiment of an appropriate interfacing mechanism. The control plane, CP, entities are depicted in the upper part of Fig. 3, while the user plane, UP, entities are depicted in the lower part of Fig. 3.

[0041] According to embodiments of the invention an integrated gateway control function (hereinafter briefly denoted GW-C) will be introduced, which reflects the P/S-GW CP components of Fig. 3. As shown in Fig. 4, the GW-C 9 is responsible for terminating the S11 interface towards the MME (Mobility Management Entity) 10, as well as the Gx interface towards the PCRF (Policy and Charging Rules Function) 11.

[0042] As shown in the embodiment of Fig. 4, the SGW and PGW components sitting in the data plane are replaced by Policy Enforcement Points (PEPs) 8. PEPs 8 are Data-plane nodes 4 (i.e., forwarding elements like switches and routers) which are able to enforce a given policy (QoS, NAT, etc.) to packets on a flow basis. There are two types of PEPs 8: Edge PEPs 8a and Root PEPs 8b. They are both programmed by the SDN controller 6 using an SBI protocol (for instance, but not limited to, OpenFlow).

[0043] As illustrated in Fig. 4, an Edge PEP 8a terminates the S1-U interface towards the E-UTRAN elements 12 (e.g., eNodeB). The Edge PEP 8a is GTP-U capable to maintain backward compatibility with eNBs, therefore emulating part of the SGW data plane functionalities.

[0044] A Root PEP 8b is the closest forwarding element to the requested service, under the management scope of the SDN controller 6 (SDN domain). Edge and root PEPs 8a, 8b might be co-located to enable local breakout deployments.

[0045] As shown in Fig. 4, there is one Edge PEP 8a for a specific access link to the UE 5, whereas (although not explicitly shown in Fig. 4) there can be multiple Root PEPs 8b according to traffic patterns and requested services.

[0046] The Sxa and Sxb reference points (or the combination of the two), as per the 3GPP's proposal, are replaced by the concatenation of the NBI and SBI protocols, with the mediation of the SDN controller 6.

[0047] As depicted inFehler! Verweisquelle konnte nicht gefunden werden.Fehler! Verweisquelle konnte nicht gefunden werden. Fig. 2, the SDN controller 6 of Fig. 4 maintains the topology of the switching elements in the network and corresponding links. The GW-C 9 maintains a logical topology representing the eligible Edge and Root PEPs 8a, 8b. A cluster of DPNs in the SDN-C scope can be resolved as a single PEP in the GW-U scope. The mapping between a logical Edge PEP 8a and the device that implements the PEP functionalities is transparent to the GW-C 9 and operated by the SDN controller 6.

[0048] Turning now to Fig. 5, this figure illustrates an Edge PEP 8a selection procedure in accordance with an embodiment of the present invention.

[0049] In the current EPC operations, an SGW is primarily selected based on network topology, as well as on other criteria like load balancing. In accordance with embodiments of the present invention such selection can be mapped to an Edge PEP 8a selection, so it is necessary to perform the appropriate translations from the 3GPP semantic to the one used for the NBI protocol.

[0050] In order to do so, the following logical steps may be taken into account:

1) The MME 10 is the entity in the EPC that signals the relevant events to the selected SGW. The signaling target is therefore implicitly revealing the SGW selection process.

2) Since, in the proposed architecture, there might be only one logical GW-C 9 terminating the signaling with the MME 10, the SGW selection logic is somehow lost, as the GW-C 9 has to determine the Edge PEP 8a by itself.

3) The selection done by the GW-C 9 should be primarily assisted by UE 5 location information conveyed by the signaling with the MME 10. Other UE 5 attributes related to the device's context (e.g., mobility pattern, communication profile, etc.) can be used in the selection process as well.

4) Based on the topology maintained by the GW-C 9, the GW-C 9 resolves the UE 5 location into the Edge PEP 8a eligible for that location.

5) The information about the Edge PEP 8a is passed to the SDN controller 6 through the NBI, in a form that allows the SDN controller 6 to map the Edge PEP 8a indicated by the GW-C 9 into the cluster of DPNs that may serve to the purpose. This information is hence specified as an information element in the SBI protocol. This element might have different names, in this example let it be named the Regional ID (RID).

6) Based on the RID, the SDN controller 6 determines the DPN cluster, and picks the most appropriate DPN out of the cluster based on internal metrics, e.g., path optimization, load balancing, or the like.

[0051] As already mentioned above, Fig. 5 illustrates an embodiment of the present invention that relates to a procedure of Edge PEP 8a selection that is integrated in the EPC. According to this embodiment, the procedure comprises the following steps, where the numbering of the steps follows the indication given in the figure (although, as will be easily appreciated by those skilled in the art, certain steps may be executed in a different sequence than the one described below, or may be executed in a different way or may even be omitted):

1. Upon UE 5 attachment, the MME 10 forwards a Create Session Request message to the GW-C 9, including the location of the UE 5 at eNB granularity, through the E-UTRAN Cell Global ID (ECGI) parameter.

2. Based on subscriber information, requested PDN 13 and TFT for the default bearer, the GW-C 9 computes the rule(s) to handle the UE's 5 traffic within the mobile network. The rules are associated to a key called PORT-ID. They contain the treatment that data traffic should undergo within the mobile network, based on different properties like en-/de-capsulation, NAT, QoS class, etc. From the ECGI parameter, the GW-C 9 selects the Edge PEP 8a, i.e., it computes the SGW's IP address and TEID used in the uplink direction of S1-U interface, to be bound to the traffic rules for the decapsulation action. In addition, the GW-C 9 allocates for the UE 5 an IPv4 address (or IPv6 prefix) topologically valid in the network where the Edge PEP 8a sits.

3. The traffic rule is communicated to the SDN controller 6 via the NBI, along with the RID based on the ECGI. The RID is the parameter that identifies the Edge PEP 8a as per the topology map maintained at the GW-C 9.

4. The SDN controller 6 derives an appropriate forwarding element (DPN) 4 to serve as Edge PEP 8a, based on the RID and SGW's IP address. Optionally, the SDN-C might consider the UE's 5 IP address (indicated in the traffic rules) for the DPN selection. The SDN controller 6 then translates the traffic rule into SBI commands to program the edge PEP 8a.

5. The DPN 4 is programmed by the SDN controller 6 with the appropriate traffic rule for uplink traffic, that is, indicating to decapsulate the packets received from the RAN that carry the specified TEID.

6. The SDN controller 6 acknowledges the rule creation request to the GW-C 9.

7. The GW-C 9 replies to the MME 10 with the appropriate message, i.e., Create Session Response.

8. Legacy EPS operations are carried out among the MME 10, eNB 12 and UE 5, resulting in the UE 5 RRC configuration, as well as the configuration of the eNB 12 with the corresponding traffic rules for uplink (SGW's IP address and TEID) and downlink (eNB's IP address and TEID). The MME 10 sends the eNB's 12 IP address and TEID for downlink traffic to the GW-C 9.

9. The GW-C 9 appends the eNB's 12 IP address and the downlink S1 TEID to the rules for the UE 5 traffic. Such parameters are sent to the SDN controller 6.

10. The SDN controller 6 updates its rule description and prepares the instructions for the DPN 4 acting as Edge PEP 8a.

11. The DPN 4 is programmed in order to encapsulate with the appropriate eNB's 12 TEID and IP address the traffic matching the UE's 5 IP address as destination address.

12. An acknowledgement is sent by the SDN controller 6 to the GW-C 9 to conclude the Edge PEP 8a configuration.

13. The GW-C 9 concludes the interaction with the MME 10.

[0052] Turning now to Fig. 6, this figure illustrates a Root PEP 8b configuration procedure in accordance with an embodiment of the present invention. According to this embodiment the IP native packet core builds on substantial differences from the EPC's S5 interface between the SGW and the PGW, which lead to the following considerations:
There is no GTP tunneling in the data path from an Edge PEP 8a and a Root PEP 8b. Instead, standard IP routing might be used to deliver packets in the transport links between them. Furthermore, multiple Root PEPs 8b might serve a user for the same PDN 13. Operation flows to configure a Root PEP 8b (as shown in Fig. 4) might be implemented as follows (wherein the numbering of the steps follows the indication given in the figure and wherein again, as will be easily appreciated by those skilled in the art, certain steps may be executed in a different sequence than the one described below, or may be executed in a different way or may even be omitted):

1. Data traffic generated by or addressed to the UE 5, eventually hits a DPN 4 eligible as Root PEP 8b.

a. Once the UE 5 finalizes the RRC configuration, it can send uplink traffic. User packets are routed by an Edge PEP 8a towards destination and are eventually intercepted by a DPN 4 with no default rule, or

b. Downlink packets destined to the UE 5 are attracted to a DPN 4 with no downlink rule for the UE 5.

2. The DPN 4, using SDN mechanisms, e.g., Packet_IN message in OpenFlow, notifies the SDN controller 6, conveying the packet's header(s) for matching (e.g., against the packet header's 5-tuple).

3. The SDN controller 6 looks up a rule definition for the UE 5. Based on the rule(s), the SDN controller 6 derives the Root PEP 8b instructions. If more rules apply, that with the most appropriate match is selected. If no rule applies, the SDN controller 6 discards the request.

4. The SDN controller 6 programs the DPN 4.

5. The DPN 4 installs the policies to serve as Root PEP 8b.

[0053] According to the embodiments of the present invention described above, data structures and functionalities may basically be organized as follows:
With respect to GW-U and logical PEPs topology, it is important to consider that E-UTRAN is divided into regions, with each region being under the same edge PEP 8a responsibility. Beyond location, additional metrics might be taken into account. For instance, if a user mobility pattern is known (e.g., trajectory of a train), a region can be created in order to minimize the inter-Edge PEP 8a handover.

[0054] With respect to bearer to flow rules mapping at the GW-U, it may be provided that EPC control entities, like the MME 10 and PCRF 11, refer to policies as grouped into bearers. Bearers are associated to APNs. The GW-C 9 needs to map such bearers to flow rules, which are identified by a key, e.g. called PORT-ID (cf. step 2 of Fig. 5). The PORT-ID enables to quickly look up a forwarding descriptor, associating traffic selectors to properties for flows.

[0055] On the other hand, the SDN controller 6 may be configured to maintain the topology of the network in terms of forwarding elements and links and may map PEPs sites into devices. Furthermore, the SDN controller 6 may translate the result of a PORT-ID lookup into SBI instructions. Still further, the SDN controller 6 may be configured to maintain a list of rules enforced to network devices. This list should be realized in such a way to fetch quickly the rules associated to a user, even when these rules are applied to multiple DPNs 4.

Claims

1. Method for operating an SDN-based mobile communication system, wherein said system comprises a mobile network including a control plane and a data plane with a network controller (3) being implemented therebetween, the method comprising:

providing a control plane function (2) in said control plane of said mobile network, the control plane function (2) holding information from an access network about user- or machine-type devices' location and/or proximity as well as information about rules and/or policies required to set up sessions for said devices, said devices being connected via the access network to data plane nodes and control plane entities; and

by said network controller (3), by means of collaborative operations with said control plane function (2) including an information exchange over a communication interface between the control plane function (2) and the network controller (3), selecting one or multiple data plane nodes (4) that are, based on a particular device's (5) request for session establishment, configured to act as policy enforcement points (8) for enforcing rules in said data plane that are required to enable connectivity for said particular device (5).

2. Method according to claim 1, wherein the collaborative operations between said control plane function (2) and said network controller (3) include
upon a device's (5) request for session establishment, receiving via signaling device (5) related information at said control plane function (2),
by said control plane function (2), passing said device (5) related information to said network controller (3), and
by said network controller (3), selecting suitable data plane nodes (4) for policy enforcement based on said device (5) related information.

3. Method according to claim 1 or 2, wherein the collaborative operations between said control plane function (2) and said network controller (3) include upon a device's (5) request for session establishment, receiving via signaling device (5) related information at said control plane function (2),
by said control plane function (2), based on said device (5) related information, performing selection of an abstract data plane node or a group of abstract data plane nodes and then exposing of the selected abstract data plane node or group of abstract data plane nodes to said network controller (3), and
by said network controller (3), selecting suitable data plane nodes (4) for policy enforcement based on information about said abstract data plane node or group of abstract data plane nodes.

4. Method according to any of claims 1 to 3, wherein said device (5) related information passed from said control plane function (2) to said network controller (3) includes a location attribute that represents information about said device's (5) location and/or proximity.

5. Method according to claim 4, wherein said network controller (3) maps said location attribute to suitable data plane nodes (4) for policy enforcement.

6. Method according to claim 4 or 5, wherein said control plane function (2) uses said location attribute to map the location to a virtual data plane node on said control plane function's abstract view of the data plane and passes an identifier of said virtual data plane node to said network controller (3), which in turn maps said identifier to a suitable data plane node (4) for policy enforcement.

7. Method according to any of claims 4 to 6, wherein said control plane function (2) uses said location attribute to identify a group of virtual data plane nodes on said control plane function's abstract view of the data plane and passes a group identifier, which identifies the selected group of virtual data plane nodes, to said network controller (3), which in turn maps said group identifier to a suitable data plane node (4) for policy enforcement.

8. Method according to claim 3, wherein said device (5) related information passed from said control plane function (2) to said network controller (3) includes information related to the device's (5) context and/or information related to the network of the service being used by said device (5).

9. Method according to any of claims 1 to 8, wherein said control plane function (2) is implemented in form of an integrated gateway control function, GW-C (9), that comprises control plane components of a combined Serving Gateway and PDN Gateway, P/S-GW.

10. Method according to any of claims 1 to 9, wherein said policy enforcement points (8) are implemented to replace Serving Gateway and PDN Gateway components sitting in said data plane.

11. Method according to any of claims 1 to 10, wherein one of said data plane nodes (4) selected to act as policy enforcement points (8) functions as edge policy enforcement point (8a) terminating the interface towards the radio or fixed line access node (7), or
wherein one of said data plane nodes (4) selected to act as policy enforcement points (8) functions as edge policy enforcement point (8a) being located on the radio or fixed line access node (7).

12. Method according to any of claims 9 to 11, wherein said GW-C (9) determines said edge policy enforcement point (8a) based on device's (5) location information received via signaling with a mobility management entity (10), wherein said GW-C (9) resolves the device's (5) location information into an edge policy enforcement point (8a) eligible for said device's (5) location according to the topology information maintained on said GW-C (9).

13. Method according to any of claims 1 to 12, wherein one or more of said data plane nodes (4) selected to act as policy enforcement points (8) function as root policy enforcement points (8b) constituting the forwarding elements under management of said network controller (3) that are closest to respective services requested by said device (5).

14. Method according to any of claims 1 to 13, wherein root policy enforcement point (8b) selection and configuration is triggered reactively upon interception of traffic to/from the respective device (5) at said network controller (3), or
wherein a default root policy enforcement point is selected by pre-provisioning a data plane node with appropriate rules to serve as root policy enforcement point (8b) and by configuring said edge policy enforcement point (8a) with rules to deliver traffic to the respective device (5) from said default root policy enforcement point and/or forward traffic from the respective device (5) through said default root policy enforcement point.

15. SDN-based mobile communication system, in particular for executing a method according to any of claims 1 to 14, comprising:

a mobile network including a control plane and a data plane, and

a network controller (3) implemented between said control plane and said data plane,

a control plane function (2) implemented in said control plane of said mobile network that is configured to hold information from an access network about user- or machine-type devices' location and/or proximity as well as information about rules and/or policies required to set up sessions for said devices, said devices being connected via the access network to data plane nodes and control plane entities; and

wherein said network controller (3) is configured to include an interface for enabling collaborative operation with said control plane function (2) as well as selection means that are configured to use information received from said control plane function (2) for selecting one or multiple data plane nodes (4) that are, based on a particular device's (5) request for session establishment, configured to act as policy enforcement points (8) for enforcing rules in said data plane that are required to enable connectivity for said particular device (5).

Ansprüche

1. Verfahren zum Betreiben eines SDN-basierten Mobilkommunikationssystems, wobei das System ein mobiles Netzwerk umfasst, das eine Steuerebene und eine Datenebene mit einem dazwischen implementierten Netzwerk-Controller (3) aufweist, das Verfahren umfassend:

Bereitstellen einer Steuerebenen-Funktion (2) in der Steuerebene des mobilen Netzwerks, wobei die Steuerebenen-Funktion (2) Informationen von einem Zugriffsnetz über den Standort und/oder die Nähe von Nutzer- oder maschinenartigen Geräten sowie Informationen über Regeln und/oder Richtlinien, die zum Einrichten von Sitzungen für die Geräte erforderlich sind, wobei die Geräte über das Zugriffsnetz mit Datenebenen-Knoten und Steuerebenen-Einheiten verbunden sind, hält bzw. aufweist, und

durch den Netzwerk-Controller (3), mittels kollaborativer Operationen mit der Steuerebenen-Funktion (2) einschließlich eines Informationsaustauschs über eine Kommunikationsschnittstelle zwischen der Steuerebenen-Funktion (2) und dem Netzwerk-Controller (3), Auswählen eines oder mehrerer Datenebenen-Knoten (4), die auf der Grundlage einer Anfrage eines bestimmten Geräts (5) für einen Sitzungsaufbau konfiguriert sind, als Richtlinien-Durchsetzungspunkte (8) für eine Durchsetzung von Regeln in der Datenebene, welche erforderlich sind, um die Konnektivität für das bestimmte Gerät (5) zu ermöglichen, zu fungieren.

2. Verfahren nach Anspruch 1, wobei die kollaborativen Operationen zwischen der Steuerebenen-Funktion (2) und dem Netzwerk-Controller (3) folgendes umfassen:

auf die Anfrage eines Geräts (5) zum Sitzungsaufbau hin, Empfangen von auf das Gerät (5) bezogenen Informationen mittels Signalisierung an der Steuerebene (2),

durch die Steuerebenen-Funktion (2), Weiterreichen der auf das Gerät (5) bezogenen Informationen an den Netzwerk-Controller (3), und

durch den Netzwerk-Controller (3), Auswählen geeigneter Datenebenen-Knoten (4) für die Richtliniendurchsetzung auf der Grundlage der auf das Gerät (5) bezogenen Informationen.

3. Verfahren nach Anspruch 1 oder 2, wobei die kollaborativen Operationen zwischen der Steuerebenen-Funktion (2) und dem Netzwerk-Controller (3) folgendes umfassen:

auf die Anfrage eines Geräts (5) zum Sitzungsaufbau hin, Empfangen von auf das Gerät (5) bezogenen Informationen mittels Signalisierung an der Steuerebene (2),

durch die Steuerebenen-Funktion (2), basierend auf den auf das Gerät (5) bezogenen Information, Durchführen einer Auswahl eines abstrakten Datenebenen-Knotens oder einer Gruppe von abstrakten Datenebenen-Knoten und dann in Kontakt Bringen des ausgewählten abstrakten Datenebenen-Knotens oder der Gruppe von abstrakten Datenebenen-Knoten mit dem Netzwerk-Controller (3), und

durch den Netzwerk-Controller (3), Auswählen geeigneter Datenebenen-Knoten (4) für die Richtliniendurchsetzung auf der Grundlage von Informationen über den abstrakten Datenebenen-Knoten oder die Gruppe von abstrakten Datenebenen-Knoten.

4. Verfahren nach einem der Ansprüche 1 bis 3, wobei die von der Steuerebenen-Funktion (2) an den Netzwerk-Controller (3) weitergeleitete, auf das Gerät (5) bezogene Information ein Ortsattribut umfasst, das Informationen über den Ort und/oder die Nähe des Geräts (5) repräsentiert.

5. Verfahren nach Anspruch 4, wobei der Netzwerk-Controller (3) das Ortsattribut auf geeignete Datenebenen-Knoten (4) zur Richtliniendurchsetzung abbildet.

6. Verfahren nach Anspruch 4 oder 5, wobei die Steuerebenen-Funktion (2) das Ortsattribut verwendet, um den Ort auf einen virtuellen Datenebenen-Knoten auf der abstrakten Ansicht, welche die Steuerebenen-Funktion von der Datenebene hat, abzubilden, und eine Kennung des virtuellen Datenebenen-Knotens an den Netzwerk-Controller (3) übergibt, der wiederum die Kennung auf einen geeigneten Datenebenen-Knoten (4) zur Richtliniendurchsetzung abbildet.

7. Verfahren nach einem der Ansprüche 4 bis 6, wobei die Steuerebenen-Funktion (2) das Ortsattribut verwendet, um eine Gruppe virtueller Datenebenen-Knoten auf der abstrakten Ansicht, welche die Steuerebenen-Funktion von der Datenebene hat, zu identifizieren, und einen Gruppenidentifizierer, der die ausgewählte Gruppe virtueller Datenebenen-Knoten identifiziert, an den Netzwerk-Controller (3) übergibt, der wiederum den Gruppenidentifizierer auf einen geeigneten Datenebenen-Knoten (4) zur Richtliniendurchsetzung abbildet.

8. Verfahren nach Anspruch 3, wobei die von der Steuerebenen-Funktion (2) an den Netzwerk-Controller (3) weitergeleitete, auf das Gerät (5) bezogene Information Informationen bezüglich des Kontexts des Gerätes (5) und/oder Information bezüglich des Netzwerks des von der Vorrichtung (5) benutzten Dienstes umfasst.

9. Verfahren nach einem der Ansprüche 1 bis 8, wobei die Steuerebenen-Funktion (2) in Form einer integrierten Gateway-Steuerfunktion, GW-C (9), implementiert wird, die Steuerebenen-Komponenten eines kombinierten Serving-Gateways und PDN-Gateways, P/S-GW, umfasst.

10. Verfahren nach einem der Ansprüche 1 bis 9, wobei die Richtlinien-Durchsetzungspunkte (8) implementiert werden, um Serving-Gateway- und PDN-Gateway-Komponenten, die in der Datenebene sitzen, zu ersetzen.

11. Verfahren nach einem der Ansprüche 1 bis 10, wobei einer der Datenebenen-Knoten (4), die ausgewählt wurden, um als Richtlinien-Durchsetzungspunkte (8) zu agieren, als Edge-Richtlinien-Durchsetzungspunkt (8a) fungiert, der die Schnittstelle zum Funk- oder Festnetz-Zugangsknoten (7) abschließt, oder
wobei einer der Datenebenen-Knoten (4), die ausgewählt wurden, um als Richtlinien-Durchsetzungspunkte (8) zu agieren, als Edge-Richtlinien-Durchsetzungspunkt (8a) fungiert, der auf dem Funk- oder Festnetz-Zugangsknoten (7) lokalisiert ist.

12. Verfahren nach Anspruch 9 bis 11, wobei die GW-C (9) den Edge-Richtlinien-Durchsetzungspunkt (8a) auf der Grundlage von Standort-Informationen des Geräts (5) bestimmt, die über eine Signalisierung mit einer Mobilitäts-Management-Einheit (10) empfangen werden, wobei die GW-C (9) die Standort-Informationen des Geräts (5) in einen Edge-Richtlinien-Durchsetzungspunkt (8a) auflöst, der für den Standort des Geräts (5) gemäß den auf der GW-C (9) gepflegten Topologie-Informationen in Frage kommt.

13. Verfahren nach einem der Ansprüche 1 bis 12, wobei einer oder mehrere der Datenebenen-Knoten (4), die ausgewählt wurden, um als Richtlinien-Durchsetzungspunkte (8) zu agieren, als Root-Richtlinien-Durchsetzungspunkte (8b) fungieren, welche die Weiterleitungselemente unter der Verwaltung des Netzwerk-Controllers (3) bilden, die den jeweiligen von dem Gerät (5) angeforderten Diensten am nächsten liegen.

14. Verfahren nach einem der Ansprüche 1 bis 13, wobei die Auswahl und Konfiguration des bzw. der Root-Richtlinien-Durchsetzungspunkte (8b) reaktiv beim Abfangen von Verkehr zu/von dem jeweiligen Gerät (5) an dem Netzwerk-Controller (3) ausgelöst wird, oder
wobei ein Standard-Root-Richtlinien-Durchsetzungspunkt ausgewählt wird, indem ein Datenebenen-Knoten mit geeigneten Regeln vorab bereitgestellt wird, um als Root-Richtlinien-Durchsetzungspunkt (8b) zu dienen, und indem der Edge-Richtlinien-Durchsetzungspunkt (8a) mit Regeln konfiguriert wird, um Verkehr an das jeweilige Gerät (5) von dem Standard-Root-Richtlinien-Durchsetzungspunkt zu liefern und/oder Verkehr von dem jeweiligen Gerät (5) durch den Standard-Root-Richtlinien-Durchsetzungspunkt weiterzuleiten.

15. SDN-basiertes Mobilkommunikationssystem, insbesondere zur Ausführung eines Verfahrens gemäß einem der Ansprüche 1 bis 14, umfassend:

ein mobiles Netzwerk mit einer Steuerebene und einer Datenebene, und

einen zwischen der Steuerebene und der Datenebene implementierten Netzwerk-Controller (3),

eine in der Steuerebene des mobilen Netzwerks implementierte Steuerebenen-Funktion (2), die so konfiguriert ist, dass sie Informationen von einem Zugangsnetz über den Standort und/oder die Nähe von Geräten des Nutzer- oder Maschinentyps sowie Informationen über Regeln und/oder Richtlinien, die zum Aufbau von Sitzungen für die Geräte erforderlich sind, hält bzw. aufweist, wobei die Geräte über das Zugangsnetz mit Datenebenen-Knoten und Steuerebenen-Einheiten verbunden sind, und

wobei der Netzwerk-Controller (3) so konfiguriert ist, dass er eine Schnittstelle zur Ermöglichung kollaborativer Operationen mit der Steuerebenen-Funktion (2) sowie Auswahlmittel umfasst, die so konfiguriert sind, dass sie von der Steuerebenen-Funktion (2) empfangene Informationen zur Auswahl eines oder mehrerer Datenebenen-Knoten (4) verwenden, die auf der Grundlage der Anfrage eines bestimmten Geräts (5) für einen Sitzungsaufbau so konfiguriert sind, dass sie als Richtlinien-Durchsetzungspunkte (8) zum Durchsetzen von Regeln in der Datenebene dienen, die erforderlich sind, um die Konnektivität für das bestimmte Gerät (5) zu ermöglichen.

Revendications

1. Procédé de fonctionnement d'un système de communication mobile basé sur SDN, dans lequel ledit système comprend un réseau mobile comportant un plan de contrôle et un plan de données avec un dispositif de contrôle de réseau (3) implémenté entre eux,
le procédé comprenant :

la fourniture d'une fonction de plan de contrôle (2) dans ledit plan de contrôle dudit réseau mobile, la fonction de plan de contrôle (2) détenant des informations d'un réseau d'accès concernant l'emplacement et/ou la proximité de dispositifs de type machine ou utilisateur ainsi que des informations concernant des règles et/ou des politiques requises pour instaurer des sessions pour lesdits dispositifs, lesdits dispositifs étant connectés via le réseau d'accès à des nœuds de plan de données et des entités de plan de contrôle ; et

par ledit dispositif de contrôle de réseau (3), au moyen de fonctionnements collaboratifs avec ladite fonction de plan de contrôle (2) comportant un échange d'informations sur une interface de communication entre la fonction de plan de contrôle (2) et le dispositif de contrôle de réseau (3), la sélection d'un ou de multiples nœuds de plan de données (4) qui sont, sur la base d'une demande d'établissement de session d'un dispositif particulier (5), configurés pour servir de points d'application de politique (8) pour appliquer des règles dans ledit plan de données qui sont requises pour permettre une connectivité pour ledit dispositif particulier (5).

2. Procédé selon la revendication 1, dans lequel les fonctionnements collaboratifs entre ladite fonction de plan de contrôle (2) et ledit dispositif de contrôle de réseau (3) comportent
lors d'une demande d'établissement de session d'un dispositif (5), la réception via une signalisation d'informations liées au dispositif (5) au niveau de ladite fonction de plan de contrôle (2),
par ladite fonction de plan de contrôle (2), le passage desdites informations liées audit dispositif (5) audit dispositif de contrôle de réseau (3), et
par ledit dispositif de contrôle de réseau (3), la sélection de nœuds de plan de données (4) appropriés pour une application de politique sur la base desdites informations liées audit dispositif (5).

3. Procédé selon la revendication 1 ou 2, dans lequel les fonctionnements collaboratifs entre ladite fonction de plan de contrôle (2) et ledit dispositif de contrôle de réseau (3) comportent lors d'une demande d'établissement de session d'un dispositif (5), la réception via une signalisation d'informations liées au dispositif (5) au niveau de ladite fonction de plan de contrôle (2),
par ladite fonction de plan de contrôle (2), sur la base desdites informations liées audit dispositif (5), la réalisation d'une sélection d'un nœud de plan de données abstrait ou d'un groupe de nœuds de plan de données abstraits, puis l'exposition du nœud de plan de données abstrait ou du groupe de nœuds de plan de données abstraits sélectionnés audit dispositif de contrôle de réseau (3), et
par ledit dispositif de contrôle de réseau (3), la sélection de nœuds de plan de données (4) appropriés pour une application de politique sur la base d'informations concernant ledit nœud de plan de données abstrait ou ledit groupe de nœuds de plan de données abstraits.

4. Procédé selon l'une quelconque des revendications 1 à 3, dans lequel les informations liées audit dispositif (5) passées de ladite fonction de plan de contrôle (2) audit dispositif de contrôle de réseau (3) comportent un attribut d'emplacement qui représente des informations concernant l'emplacement et/ou la proximité dudit dispositif (5).

5. Procédé selon la revendication 4, dans lequel ledit dispositif de contrôle de réseau (3) mappe ledit attribut d'emplacement à des nœuds de plan de données (4) appropriés pour une application de politique.

6. Procédé selon la revendication 4 ou 5, dans lequel ladite fonction de plan de contrôle (2) utilise ledit attribut d'emplacement pour mapper l'emplacement à un nœud de plan de données virtuel sur une vue abstraite de ladite fonction de plan de contrôle du plan de données et passe un identifiant dudit nœud de plan de données virtuel audit dispositif de contrôle de réseau (3), qui à son tour mappe ledit identifiant à un nœud de plan de données approprié (4) pour une application de politique.

7. Procédé selon l'une quelconque des revendications 4 à 6, dans lequel ladite fonction de plan de contrôle (2) utilise ledit attribut d'emplacement pour identifier un groupe de nœuds de plan de données virtuels sur la vue abstraite de ladite fonction de plan de contrôle du plan de données et passe un identifiant de groupe, qui identifie le groupe sélectionné de nœuds de plan de données virtuels, audit dispositif de contrôle de réseau (3), qui à son tour mappe ledit identifiant de groupe à un nœud de plan de données (4) approprié pour une application de politique.

8. Procédé selon la revendication 3, dans lequel les informations liées audit dispositif (5) passées de ladite fonction de plan de contrôle (2) audit dispositif de contrôle de réseau (3) comportent des informations liées à un contexte du dispositif (5) et/ou des informations liées au réseau du service qui est utilisé par ledit dispositif (5).

9. Procédé selon l'une quelconque des revendications 1 à 8, dans lequel ladite fonction de plan de contrôle (2) est implémentée sous forme d'une fonction de contrôle de passerelle intégrée, GW-C (9), qui comprend des composantes de plan de contrôle d'une passerelle de service et d'une passerelle PDN combinées, P/S-GW.

10. Procédé selon l'une quelconque des revendications 1 à 9, dans lequel lesdits points d'application de politique (8) sont implémentés pour remplacer des composantes de passerelle de service et de passerelle PDN se trouvant dans ledit plan de données.

11. Procédé selon l'une quelconque des revendications 1 à 10, dans lequel l'un desdits nœuds de plan de données (4) sélectionnés pour servir de points d'application de politique (8) fonctionne en tant que point d'application de politique de périphérie (8a) mettant fin à l'interface vers le nœud d'accès de ligne fixe ou radio (7), ou
dans lequel l'un desdits nœuds de plan de données (4) sélectionnés pour servir de points d'application de politique (8) fonctionne comme un point d'application de politique de périphérie (8a) situé sur le nœud d'accès de ligne fixe ou radio (7).

12. Procédé selon l'une quelconque des revendications 9 à 11, dans lequel ladite GW-C (9) détermine ledit point d'application de politique de périphérie (8a) sur la base d'informations d'emplacement du dispositif (5) reçues via une signalisation avec une entité de gestion de mobilité (10), dans lequel ladite GW-C (9) résout les informations d'emplacement du dispositif (5) en un point d'application de politique de périphérie (8a) éligible pour l'emplacement dudit dispositif (5) selon les informations de topologie détenues sur ladite GW-C (9).

13. Procédé selon l'une quelconque des revendications 1 à 12, dans lequel un ou plusieurs desdits nœuds de plan de données (4) sélectionnés pour servir de points d'application de politique (8) fonctionnent comme des points d'application de politique de racine (8b) constituant les éléments de réacheminement sous une gestion dudit dispositif de contrôle de réseau (3) qui sont les plus proches de services respectifs demandés par ledit dispositif (5).

14. Procédé selon l'une quelconque des revendications 1 à 13, dans lequel la sélection et la configuration de point d'application de politique de racine (8b) sont déclenchées en réaction lors d'une interception de trafic vers/depuis le dispositif (5) respectif au niveau dudit dispositif de contrôle de réseau (3), ou
dans lequel un point d'application de politique de racine par défaut est sélectionné en réapprovisionnant un nœud de plan de données avec des règles appropriées pour servir de point d'application de politique de racine (8b) et en configurant ledit point d'application de politique de périphérie (8a) avec des règles pour délivrer un trafic au dispositif (5) respectif depuis ledit point d'application de politique de racine par défaut et/ou réacheminer un trafic depuis le dispositif (5) respectif par le biais dudit point d'application de politique de racine par défaut.

15. Système de communication mobile basé sur SDN, notamment pour exécuter un procédé selon l'une quelconque des revendications 1 à 14, comprenant :

un réseau mobile comportant un plan de contrôle et un plan de données, et

un dispositif de contrôle de réseau (3) implémenté entre ledit plan de contrôle et ledit plan de données,

une fonction de plan de contrôle (2) implémentée dans ledit plan de contrôle dudit réseau mobile qui est configurée pour détenir des informations d'un réseau d'accès concernant un emplacement et/ou une proximité de dispositifs de type machine ou utilisateur ainsi que des informations concernant des règles et/ou des politiques requises pour instaurer des sessions pour lesdits dispositifs, lesdits dispositifs étant connectés via le réseau d'accès à des nœuds de plan de données et des entités de plan de contrôle ; et

dans lequel ledit dispositif de contrôle de réseau (3) est configuré pour comporter une interface pour permettre un fonctionnement collaboratif avec ladite fonction de plan de contrôle (2) ainsi que des moyens de sélection qui sont configurés pour utiliser des informations reçues

de ladite fonction de plan de contrôle (2) pour sélectionner un ou de multiples nœuds de plan de données (4) qui sont, sur la base d'une demande d'établissement de session d'un dispositif particulier (5), configurés pour servir de points d'application de politique (8) pour appliquer des règles dans ledit plan de données qui sont requises pour permettre une connectivité pour ledit dispositif particulier (5).

Drawing